added some notBefore/notAfter debugging info

author Andreas Steffen <andreas.steffen@strongswan.org>

Fri, 2 Oct 2009 18:14:09 +0000 (20:14 +0200)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Fri, 2 Oct 2009 18:14:09 +0000 (20:14 +0200)
author Andreas Steffen <andreas.steffen@strongswan.org>
Fri, 2 Oct 2009 18:14:09 +0000 (20:14 +0200)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Fri, 2 Oct 2009 18:14:09 +0000 (20:14 +0200)
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c

index 7ce2800c21b9fb1d3130f039b95ff47720d56946..878406a7154d24b149305bfbb811db9cc0cd2ad5 100644 (file)
--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -804,7 +804,19 @@ static bool get_validity(private_x509_ac_t *this, time_t *when,
         {
                 *not_after = this->notAfter;
         }
-       return (t >= this->notBefore && t <= this->notAfter);
+       if (t < this->notBefore)
+       {
+               DBG1("attribute certificate is not valid before %T",
+                        this->notBefore, TRUE);
+               return FALSE;
+       }
+       if (t > this->notAfter)
+       {
+               DBG1("attribute certificate expired on %T",
+                        this->notAfter, TRUE);
+               return FALSE;
+       }
+       return TRUE;
  }
  
  /**
author	Andreas Steffen <andreas.steffen@strongswan.org>
	Fri, 2 Oct 2009 18:14:09 +0000 (20:14 +0200)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Fri, 2 Oct 2009 18:14:09 +0000 (20:14 +0200)